Common cyber security threats your business should look out for

Posted 3 weeks ago

These were the most commonly hacked passwords of 2017!

Looking to stay on top of your cyber security? Of course you are. But to do so, you must make sure that you stay in the loop with the latest cyber security threats so that you know what to look out for.

We’ve listed some of the most common ways that cyber criminals target organisations, their networks, systems, and data, so that you better understand how your business might be targeted. By educating yourself and your staff of these cyber security threats, you can avoid potential cyber attacks and data breaches.

Want to learn more about cyber security? Check out our blog ‘What Is Cyber Security?’.

Malware

Malware is one of the most common cyber security threats. It can come in many forms and can breach systems without people knowing. Essentially, it’s a type of malicious software that’s created with the intention of harming a computer or network, used to steal information and interfere with files and data.

Since this is the biggest threat to look out for, let’s take a look at some examples of malware.

Ransomware

This is a type of malware that encrypts the victim’s data, files etc. and demands money to be paid before they make them accessible again. As with lots of malware, attackers usually install this on systems through links sent in phishing emails.

Fileless Malware

This can be difficult to detect once it has been installed. This is because they don’t need software to be installed; instead, they attack through native software which the victims may trust.

Spyware

Spyware collects web activity data, giving attackers information such as payment credentials and more.

Trojan

A Trojan virus is usually disguised as trusted and legitimate software and is sometimes installed through free downloads found on the web. It can allow attackers to create a backdoor, steal information and install other malware too.

Viruses/Worms

Viruses are usually installed without the victim knowing. They can replicate and attach themselves to other computer files. Worms are similar, however, they don’t need to attach themselves to other files or programs to replicate.

Drive-by downloads

Drive-by downloads happen when people are browsing a malicious site or they click a malicious link. They install malware onto the victim’s device which can then give remote access to the attacker, allowing them to steal data from the device, such as passwords, payment details and more.

It does this by taking advantage of vulnerabilities in web browsers, as they can download automatically without the user even knowing.

Phishing

This is another of the most common threats to cyber security. It gains access through social engineering techniques, such as encouraging somebody to share information or download a file to their computer, often through email but they can also be received through text or social media too.

DoS Attacks

With the aim of disrupting business operations a Denial-of-Service (DoS) Attack, the attacker tries to flood the network with traffic. They can do this by sending lots of illegitimate requests or data so the system is overloaded.

Spoofing

Spoofing is a little bit similar to phishing. It’s where an attacker will impersonate somebody who the intended victim trusts. This could be a co-worker, a manager, or even a website. Usually, they engage with the victim with the aim of installing malware and stealing information. Some common types of spoofing are:

Domain Spoofing: Where the attacker impersonates a fake website and can encourage the victim to input details.

Email Spoofing: Where the attacker impersonates somebody trusted through email, trying to get them to click a link or download a malicious file.

ARP Spoofing: Address Resolution Protocol (ARP) spoofing is where the attacker tricks somebody into sending messages to the attacker instead of where it was intended, allowing them to intercept messages and gain access to communications.

Cyber security training with iHasco

Ready to protect your workplace from cyber threats? We’re ready when you are. Here at iHasco, we offer a range of cyber security training courses that are designed for all businesses and any level of staff to help them protect your business’ devices, networks, software and data from attacks. Some of our other GDPR & Cyber Security training courses include:

We’re already helping thousands of organisations just like yours with their cyber security training requirements. Let us help you too. Request a bespoke quote today and we’ll be in touch to discuss your unique training requirements.

You can also check out our guide to cyber security blog for more support and information.